1. Field of the Invention
The present invention relates to computer programming, and deals more particularly with methods, systems, and computer program products for protecting the security of resources in distributed computing environments. The disclosed techniques improve administration and enforcement of security policies.
2. Description of the Related Art
Use of distributed computing environments for e-commerce (or, equivalently, e-business in general) has skyrocketed in recent years. One well-known distributed computing environment is the public Internet (and the subset thereof known as the World Wide Web, or simply “Web”). Other distributed computing environments include intranets and extranets, where intranets are typically designed as computing networks for internal use within a business enterprise and extranets are typically designed for use by a business' suppliers and/or customers.
Protecting the security of resources in distributed computing environments is vital to the success of e-business initiatives. Few, if any, businesses put distributed computing applications into production without the assurance that their business processes and data are protected from malicious or inadvertent loss. A business may therefore implement security constraints for its network resources, where these security constraints may include (by way of illustration) ensuring that only authorized users are able to execute certain programs or certain functions of programs, or are able to access particular types of stored data, or perhaps are able to obtain Web pages which are retrieved using particular Uniform Resource Locator (“URL”) addresses. As an example of restricting access to program functions, supervisors using an online banking application might be permitted to update account balance records, while tellers might be prevented from performing this function. As an example of restricting access to stored data, in an online personnel management application, managers might be permitted to view information about their employees' upcoming salary increases, whereas non-managerial employees would likely be restricted from seeing this information. Managers might also be allowed to view Web pages which present budget information, but non-managerial employees might be prevented from viewing these same pages.
On the other hand, there may be network resources which do not require protected access. For example, online shopping sites typically allow all users to browse their electronic catalogs, and online flight reservation sites normally allow all users to view information on flight arrival and departure schedules. In these types of business scenarios, resource protection is typically applied only after the user initiates particular types of transactions (such as ordering merchandise from the online catalog or making reservations on a certain flight).
Security policies are implemented to control access to an enterprise's resources, where these security policies are designed based on the types of resources and the need to protect each resource. In the online shopping and airline reservation scenarios, for example, choosing to allow unrestricted access up to a certain point may be thought to increase the likelihood of attracting new business.
In an enterprise containing thousands of deployed resources, the security administrator's job in designing and enforcing the security policy typically involves controlling access to each of these resources. With reference to an enterprise in which the Java™ programming language is used to develop applications, for example, the applications may use components based upon Enterprise JavaBeans™ (also referred to as “EJBs”), JavaServer Pages™ (also referred to as “JSPs”), and servlets. In this environment, referred to hereinafter as a “J2EE™ environment”, it is typically necessary to define the security policy at a level which enables protecting the methods of the EJBs and servlets, and the methods which are invoked from JSPs and when referencing each of the enterprise's Uniform Resource Identifiers or “URIs” (of which URLs are one subset). (“J2EE” is an acronym for “Java™ Platform, Enterprise Edition”. The J2EE environment is used herein for purposes of illustration, but it is to be noted that the present invention is not limited to use in a J2EE environment. “Java”, “JavaBeans”, “JavaServer Pages”, and “J2EE” are trademarks of Sun Microsystems, Inc.)
In an enterprise which may have thousands of EJBs (also referred to as “beans”) installed, with potentially tens of methods in each bean, the sheer number of resources to be protected becomes too large for the security administrator to understand and to administer.
Similarly, for multiple portal applications, business-to-business or “B2B” applications, distributed web services environments, and content security considerations (that is, environments wherein the content of received data needs to be monitored), the number of resources to be managed under the security policies is too large for the security administrator to effectively control. At the same time, however, security concerns are continually increasing as hackers learn ways to penetrate security even at entities which would be expected to have tamper-proof systems.
Furthermore, an application in a modern computing system will often be composed of programming elements hosted on different middleware technologies—for example, a Teller application may be composed of static HTML (Hypertext Markup Language) pages, JSPs, servlets, EJBs, database tables and stored procedures, OLTP (online transaction processing) transactions, etc. Each of the middleware technologies contributing to the overall application will often impose its own technology assumptions, programming models, and representations. It may be necessary to specify the authorization policy for the Teller application in a number of different ways for each of the middleware technologies employed by the application—leading to potential inconsistencies and conflicting sub-policies.
Accordingly, what is needed is an improved technique for administering and enforcing security policy.